[j-nsp] policing TCP traffic

Jason Parsons jparsons-juniper@saffron.org
Sun, 1 Sep 2002 23:47:01 -0400


Bob,

Some more detail on my policing concerns; hope you can offer some more 
help.

To make things a little easier, I applied the policer directly to the 
interface:

     fe-0/0/3 {
         unit 0 {
             family inet {
                 policer {
                     input policer-1;
                 }
                 address 192.168.11.2/24;
             }
         }
     }

I then tried playing around with the settings of policer-1.

     policer policer-1 {
         if-exceeding {
             bandwidth-limit 15m;
             burst-size-limit 15k;
         }
         then discard;
     }

Here's a summary of different bandwidth-limits with different 
burst-size-limits, and the TCP throughput I was able to achieve under 
that configuration:

bandwidth-limit   burst-size-limit   Actual TCP throughput
15M               15k (10xMTU)       440Kb/s
15M               3m                 7.38Mb/s
15M               7m                 7.60Mb/s
15M               15m                7.45Mb/s
                  (15m = bandwidth(15m) x allowable time for burst traffic (1ms))
15M               30m                7.44Mb/s

30M               15k                12.61Mb/s
30M               15m                27.10Mb/s
30M               30m                26.99Mb/s

As the table shows, the best performance I can get out of a 15M filter 
is about 51% of the configured limit.  However, I can get 90% out of a 
30M filter with a similar configuration.

So, what am I missing?  I know that my testing setup isn't great, but I 
can't find a good explanation for the discrepancy between the 15M and 
30M results.

Thanks again.
  - Jason Parsons

On Friday, Aug 30, 2002, at 19:33 US/Eastern, Robert O'Hara wrote:

> To some extent, I am theorizing, because I am not in front of your
> test setup, but....  as noted, I think the burst-limit is set too high.